Dailydave mailing list archives
Re: Hello Microsofties!
From: Tucker Dummychuck <dummychuck () gmail com>
Date: Tue, 27 Jan 2009 17:07:12 -0800
I've not done this myself, but I think a good starting point would be VSTO (Visual Studio Tools for Office). See http://blogs.msdn.com/chhopkin/archive/2008/08/29/vsto-3-0-and-visio-essentials.aspx thx Tucker. On Tue, Jan 27, 2009 at 6:54 AM, Mohammad Hosein <mhtajik () gmail com> wrote:
as much as it may look embarrassing since this is a hacker forum , once i did a fairly complex Office Add-in development using tools come from "Add-in Express" and it saves me a lot of time , and well , money . but basically what you need is to instantiate a dozen of Office's whacky COM classes and call a bunch of methods . its unreasonably undocumented and hard to debug . instead , this package gave me a couple of components and Wizards helped me ignore the complexity and just go on with my business . http://www.add-in-express.com On Tue, Jan 27, 2009 at 5:54 PM, Dave Aitel <dave () immunityinc com> wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 So as a side project I'm doing something weirder than usual: C#. Well, it doesn't have to be C#. Ideally it'd be IronPython - but it's CLR which means the underlying language is essentially C# no matter what your syntax looks like. Here's where we're coming from over at Immunity. It's great to have a penetration testing tool. Everyone loves a nice GUI popping up shells. But, in fact, for some large percentage of our customers you're really only using that tool in order to fit it into your internal business processes which Immunity typically knows nothing about. While we have a number of people writing exploits using the CANVAS Python API, it's not necessarily the way everyone wants to extend CANVAS. For example, for unknown reasons, not everyone knows Python! So instead we have an XML-RPC API. Ideally every network attack tool would have the same XML-RPC API so you could talk to them all with the same client code, but that might be asking a lot in the short run. In the meantime, you have a ton of people using Visio with their network diagrams, and I want to give them a way to connect to CANVAS's running on those subnets and do cool things. Imagine if you could just right click a Visio picture and say "What OS is this really?" or "Is this machine patched for MS08_067?" or "Color all the MS machines on this network red, and the Linux ones Blue" or "Tell me which machines are on this network" or "Portscan these and tell me which ones are IIS". Really, the possibilities are endless when it comes to business logic automation. Essentially, a web application these days is just one instance of something consuming your XML-RPC API. Everyone else can build their own web mashups, or even thick clients based on their own business tools. Welcome to Web 2.0! :> Anyways, my question is: Who has done something like this with Visio? What do you recommend - and where is the IRC channel for quick help with the Visio API? :> - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJfxkAtehAhL0gheoRAovYAJ0SUGxwYx2Ar+qoPeVyvaXx7Bfg+gCfVOii 7m/4FA8nFor060vtlPeZxnY= =DtNJ -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Hello Microsofties! Dave Aitel (Jan 27)
- Re: Hello Microsofties! Mohammad Hosein (Jan 27)
- Re: Hello Microsofties! Tucker Dummychuck (Jan 27)
- Re: Hello Microsofties! Mohammad Hosein (Jan 27)